Blumira Agent can now automatically respond to detected threats and isolate the endpoints it runs on when specific detections trigger findings in your account. As an administrator in the XDR Platform Edition, you can configure Blumira's automated host isolation (AHI) settings to ensure that automated response meets the needs and preferences of your security team. Manual isolation remains an option across all agent devices, giving you full control of your response tactics, with the benefit of additional coverage whenever you need it.
With the in-app configurations, you can:
- Enable or disable AHI at the account level.
- Select which Threat and Suspect priority levels to include (e.g., P1 only, P1 & P2, or all).
- Exclude specific agent devices from AHI on specific.
Reference: See Automatically isolating Windows endpoints with Blumira Agent to learn more.